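<?php
// Open the session first: the admin check further down reads $_SESSION, and
// session_start() has to run before any output so the session cookie header
// can still be sent. The byte-order mark that preceded the opening tag counted
// as output, so it is dropped here.
session_start();
?>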
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<?php
// Access guard: only a session flagged as admin, requesting a specific category
// id, may continue; everything else is sent back to index.php.
// NOTE(review): the DOCTYPE/<html>/<head> markup above has already been emitted
// when this runs, so the Location header can only be sent if output buffering
// is enabled - confirm. exit() still stops the page either way.
// NOTE(review): "!=" / "==" is a loose comparison against the string "true";
// confirm what type the login code stores in $_SESSION["admin"] before
// tightening it to a strict comparison.
$sessionIsAdmin = isset($_SESSION["admin"]) && $_SESSION["admin"] == "true";
if (!$sessionIsAdmin || !isset($_GET["id"])) {
    header("Location: index.php");
    exit();
}//end of admin and querystring id checks
?>
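<?php
// Request handler for the category admin page. It
//   1. validates the category id from the query string,
//   2. handles the three POST actions (edit product, update category,
//      delete product),
//   3. loads the category and its products for the markup below.
// Results are handed to the template through $msg, $catName, $catDescription,
// $catID, $numProducts and $productsArray (a list of array(id, name) pairs).
//
// Every request value reaches SQL through a bound parameter. The previous
// version escaped the ids with mysqli_real_escape_string() but placed them
// unquoted in the statement, where escaping gives no protection.
// NOTE(review): the POST actions carry no anti-CSRF token; only the admin
// session is checked. A token has to be added to the forms and verified here
// together.
// NOTE(review): under mysqli's exception report mode (the default since
// PHP 8.1) failures raise mysqli_sql_exception instead of returning false.
require("dbInc.php"); // presumably defines $dbHost, $dbUser, $dbPass, $dbDB, $tableCats, $tableProducts

$msg = "";
$catName = "";
$catDescription = "";
$numProducts = 0;
$productsArray = array();

// The category id must be a plain integer; anything else (including an array)
// is treated like a missing id.
$catID = filter_var($_GET["id"], FILTER_VALIDATE_INT);
if ($catID === false) {
    header("Location: index.php");
    exit();
}

$mysqliObj = new mysqli($dbHost, $dbUser, $dbPass, $dbDB);
if ($mysqliObj->connect_errno) {
    // Log the detail server-side and show the visitor nothing specific.
    error_log("bzShopping category page: database connection failed (" . $mysqliObj->connect_errno . ")");
    exit("Database unavailable");
}

// Product chosen in the second form; false when absent or not an integer.
$selProduct = isset($_POST["selProduct"]) ? filter_var($_POST["selProduct"], FILTER_VALIDATE_INT) : false;

if (isset($_POST["btnEdit"])) {
    if ($selProduct !== false) {
        // Both values are integers here, so nothing else can be smuggled
        // into the redirect target.
        header("Location: product.php?catid=" . $catID . "&id=" . $selProduct);
        $mysqliObj->close();
        exit();
    }
    $msg = "Invalid product selected";
}//end of checking if want to edit product itself

if (isset($_POST["btnUpdate"])) {
    $newName = (isset($_POST["txtName"]) && is_string($_POST["txtName"])) ? $_POST["txtName"] : "";
    $newDescription = (isset($_POST["txtDescription"]) && is_string($_POST["txtDescription"])) ? $_POST["txtDescription"] : "";
    if (strlen($newName) > 0) {
        // The table name comes from configuration, not from the request.
        $stmt = $mysqliObj->prepare(sprintf("update %s set vCatName = ?, vCatDescription = ? where id = ?", $tableCats));
        if ($stmt && $stmt->bind_param("ssi", $newName, $newDescription, $catID) && $stmt->execute()) {
            $msg = "Category updated";
        } else {
            $msg = "Category could not be updated";
        }
        if ($stmt) {
            $stmt->close();
        }
    } else {
        $msg = "You must enter a name for category";
    }//end of checking length of txtName value
}//end of checking if category update form submitted

if (isset($_POST["btnDelete"])) {
    // hidConfirm is set by client-side script, so it is a convenience check
    // only and not an authorisation control.
    if (isset($_POST["hidConfirm"]) && $_POST["hidConfirm"] === "1") {
        if ($selProduct !== false) {
            $stmt = $mysqliObj->prepare(sprintf("delete from %s where id = ?", $tableProducts));
            if ($stmt && $stmt->bind_param("i", $selProduct) && $stmt->execute()) {
                $msg = "Product removed";
            } else {
                $msg = "Product could not be removed";
            }
            if ($stmt) {
                $stmt->close();
            }
        } else {
            $msg = "Invalid product selected";
        }
    }//end of checking for confirmation
}//end of checking if want to delete product

// Load the category after any update so the form shows the stored values.
$stmt = $mysqliObj->prepare(sprintf("select vCatName, vCatDescription from %s where id = ?", $tableCats));
if ($stmt) {
    if ($stmt->bind_param("i", $catID) && $stmt->execute()) {
        $stmt->bind_result($rowName, $rowDescription);
        if ($stmt->fetch()) {
            $catName = (string) $rowName;
            // "\'" in double quotes is a backslash plus apostrophe: this strips
            // backslashes that were stored in front of apostrophes.
            $catDescription = str_replace("\'", "'", (string) $rowDescription);
        }//end of category row fetch
    }
    $stmt->close();
}

// Load the products of this category, ordered by name, for the select list.
$stmt = $mysqliObj->prepare(sprintf("select id, vName from %s where iCatID = ? order by vName", $tableProducts));
if ($stmt) {
    if ($stmt->bind_param("i", $catID) && $stmt->execute()) {
        $stmt->bind_result($productID, $productName);
        while ($stmt->fetch()) {
            $productsArray[] = array($productID, $productName);
        }//end of looping through rows
    }
    $stmt->close();
}
$numProducts = count($productsArray);

// The values above are raw database text; the template must escape them for
// the context they are printed in.
$mysqliObj->close();
?>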
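<?php /* The category name is stored text, so it is HTML-escaped on output.
         Assumes the page is served as UTF-8 - confirm against the database charset. */ ?>
<title>bzShopping category: <?php echo htmlspecialchars($catName, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></title>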
<link type="text/css" rel="stylesheet" href="../styles.css" />
<?php
// Pull in the shared helper file; validate_required(), which validateForm()
// below calls, is presumably defined there.
// NOTE(review): an ".inc" file is only protected from direct download if the
// web server is configured not to serve it as plain text - confirm.
include "../includefunctions.inc";
?>
<script type="text/javascript" language="javascript">
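/**
 * onsubmit handler for the category form: blocks submission while the
 * category name is empty.
 *
 * The field is addressed through the form explicitly instead of a `with`
 * block, which is forbidden in strict mode and makes name lookups ambiguous.
 * This check is a convenience for the user only; the server repeats it.
 *
 * @param {HTMLFormElement} theForm form that holds the txtName input
 * @returns {boolean|undefined} false to cancel the submit, otherwise undefined
 */
function validateForm(theForm) {
    var nameField = theForm.txtName;
    // validate_required() is expected to come from the included helper file.
    if (validate_required(nameField, "You must enter a name for the category") == false) {
        nameField.focus();
        return false;
    }
}//end of validateForm function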

/**
 * onclick handler of the "Remove product" button: asks for confirmation and
 * records the answer in the hidden hidConfirm field ("1" = yes, "0" = no).
 * The field travels with the form, so the server must not treat it as proof
 * that the request is legitimate.
 */
function confirmDelete() {
    var confirmed = confirm("Are you sure you want to remove that product from the category?");
    document.getElementById("hidConfirm").value = confirmed ? "1" : "0";
}//end of confirmDelete function

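/**
 * onsubmit handler for the product form: lets the form through only when
 * hidConfirm holds "1" (set by the Edit button or by a confirmed delete).
 *
 * Written without `with`, which is forbidden in strict mode. The result is
 * now always a boolean; `return validateForm2(this)` treats true the same
 * way as the former undefined.
 *
 * @param {HTMLFormElement} theForm form that holds the hidConfirm input
 * @returns {boolean} true to submit, false to cancel
 */
function validateForm2(theForm) {
    return theForm.hidConfirm.value === "1";
}//end of validateForm2 function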

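// Shows the status message produced by the server, if there is one.
// json_encode() emits a complete, correctly quoted JavaScript string literal;
// the JSON_HEX_* flags keep <, >, & and quotes out of the script block, so the
// message cannot end the string or the <script> element whatever it contains.
function checkMsg() {
    var msg = <?php echo json_encode($msg, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT); ?>;
    if (msg.length > 0) {
        alert(msg);
    }
}//end of checkMsg function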
</script>
</head>
<body onload="checkMsg();">
<iframe name="logoFrame" id="logoFrame" src="../logo.htm" border="0" height="120" align="top" frameborder="0" marginheight="0" width="100%" scrolling="no">
<a href="http://www.blindza.co.za/" target="_blank">
<img src="../logo/blindza_logo_smaller46.jpg" alt="blindZA.co.za logo - white text on black background, with white border - and red braille version hovering in front of normal text" width="317" height="103" border="0" />
</a>
</iframe>
<a href="cats.php">Back to categories</a>
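<?php /* Stored category name, HTML-escaped on output.
         Assumes the page is served as UTF-8 - confirm against the database charset. */ ?>
<h2>bzShopping category: <?php echo htmlspecialchars($catName, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></h2>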
<h3>Category details</h3>
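<?php /* Category edit form.
         - The id in the action URL is taken from the request, so it is
           URL-encoded for the query string and HTML-escaped for the attribute.
         - Name and description are stored text and are HTML-escaped.
         Assumes the page is served as UTF-8 - confirm against the database charset.
         NOTE(review): this POST changes data and carries no anti-CSRF token. */ ?>
<form action="category.php?id=<?php echo htmlspecialchars(rawurlencode((string) $_GET['id']), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" method="post" enctype="multipart/form-data" onsubmit="return validateForm(this);">
<table align="center" border="0">
<tr>
<th align="right">Category name (required):</th>
<td>
<input type="text" name="txtName" value="<?php echo htmlspecialchars($catName, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" />
</td>
</tr>
<tr>
<th align="right" valign="top">Category description:</th>
<td>
<textarea name="txtDescription" multiline="true" rows="3" cols="100"><?php echo htmlspecialchars($catDescription, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></textarea>
</td>
</tr>
<tr>
<th align="center" colspan="2">
<input type="submit" name="btnUpdate" value="Update category" />
</th>
</tr>
</table>
</form>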
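<?php /* Product count and "add product" link. The category id originates from
         the query string, so it is URL-encoded and HTML-escaped before it is
         placed in the href; the ampersand is written as an entity. */ ?>
<h3>Current products (<?php echo (int) $numProducts; ?>)</h3>
<a href="product.php?catid=<?php echo htmlspecialchars(rawurlencode((string) $catID), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>&amp;id=0">Add product</a>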
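<?php
// Product picker, shown only when the category has products.
// - The category id in the action URL originates from the query string and is
//   URL-encoded and HTML-escaped.
// - Product ids and names are stored values; they are HTML-escaped and the
//   option value is quoted so it cannot break out of the attribute.
// Assumes the page is served as UTF-8 - confirm against the database charset.
// NOTE(review): this POST can delete data and carries no anti-CSRF token;
// hidConfirm is filled in by client-side script and is not a safeguard.
if ($numProducts > 0):
?>
<form action="category.php?id=<?php echo htmlspecialchars(rawurlencode((string) $catID), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" method="post" enctype="multipart/form-data" onsubmit="return validateForm2(this);">
<table align="center" border="0">
<tr>
<th align="right">Select product:</th>
<td>
<select name="selProduct">
<?php
foreach ($productsArray as $productRow) {
    $optionValue = htmlspecialchars((string) $productRow[0], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $optionLabel = htmlspecialchars((string) $productRow[1], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    echo "<option value=\"" . $optionValue . "\">" . $optionLabel . "</option>\n";
}//end of looping through array elements
?>
</select>
</td>
</tr>
<tr>
<th align="center" colspan="2">
<input type="hidden" id="hidConfirm" name="hidConfirm" value="0" />
<input type="submit" name="btnEdit" value="Edit product" onclick="document.getElementById('hidConfirm').value=1;" /><br />
<input type="submit" name="btnDelete" value="Remove product" onclick="confirmDelete();" />
</th>
</tr>
</table>
</form>
<?php
endif; //end of checking $numProducts > 0
?>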
</body>
</html>
